package cn.demo.framework.security.handle;

import cn.demo.common.constant.HttpStatus;
import cn.demo.common.core.domain.R;
import cn.demo.common.utils.JsonUtils;
import cn.demo.common.utils.ServletUtils;
import cn.demo.common.utils.StringUtils;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import java.io.Serial;
import java.io.Serializable;

/**
 * 权限不够处理类
 *
 * @author ruoyi
 */
@Component
public class AccessDeniedHandlerImpl implements AccessDeniedHandler, Serializable {

    @Serial
    private static final long serialVersionUID = 1L;

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) {
        int code = HttpStatus.FORBIDDEN;
        String msg = StringUtils.format("请求访问：{}，没有权限，无法访问系统资源", request.getRequestURI());
        ServletUtils.renderString(response, JsonUtils.toJsonString(R.fail(code, msg)));
    }

}
